CVE-2011-2471
- EPSS 0.06%
- Veröffentlicht 09.06.2011 21:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or (3) --xen argument, related to the daemonrc file and the do_save_setup and do_load_setup fun...
CVE-2011-2472
- EPSS 0.02%
- Veröffentlicht 09.06.2011 21:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than C...
CVE-2011-2473
- EPSS 0.04%
- Veröffentlicht 09.06.2011 21:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opd_pipe file, a different vuln...
CVE-2011-1760
- EPSS 0.08%
- Veröffentlicht 09.06.2011 19:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.
CVE-2006-0576
- EPSS 0.07%
- Veröffentlicht 08.02.2006 00:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not ru...